The White House urges agencies to retain cybersecurity teams amid budget cuts, warning of national security risks. GitHub uncovered high-severity ruby-saml flaws enabling account takeovers. A critical WordPress plugin vulnerability threatens 5M+ sites. Microsoft patched a zero-day exploited since 2023, while Apple released an emergency iOS update for a WebKit flaw. Australia introduced strict cybersecurity laws, and IDRBT launched an AI-driven banking security platform. MSRC continues to lead global cyber defense.

Reference: https://www.linkedin.com/newsletters/hacker-hacks-7126276864670670848/

China-linked UNC3886 hacked Juniper routers using custom backdoors, while Microsoft patched six actively exploited zero-days, including a ChatGPT-trojan exploit. Apple fixed a WebKit flaw targeting iPhones, and the Ballista botnet exploited TP-Link routers. CISA cut $10M in cyber funding, and OKX denied Bybit hack allegations. Ledger helped Trezor fix a security flaw, and a critical FreeType vulnerability is under active attack. Cyber risks are rising—stay updated!

Reference:https://www.linkedin.com/newsletters/hacker-hacks-7126276864670670848/

Apple patched a WebKit zero-day (CVE-2025-24201) exploited in targeted attacks. CISA cut election security funding, citing cost savings. EU regulators probed OKX after Bybit’s $1.5B hack. The University of South Florida received $40M for a cybersecurity-focused college. A mass-exploited PHP flaw fueled global cyberattacks. Trump nominated Sean Plankey to lead CISA. Kerala’s lottery server faced 150 hacking attempts. SAP patched high-severity vulnerabilities, and CISOs faced burnout challenges.

Reference: https://www.linkedin.com/newsletters/hacker-hacks-7126276864670670848/